Should Third-Party Really Be your Second Priority?
If you have a patching strategy delivering Microsoft updates on a routine basis, you should extend that capacity to include third-party updates.
Just a couple weeks ago, we discovered a massive compromise in one of the world’s largest business and personal computer utilities, “CCleaner” by Piriform.
Version 5.33.6162 was released with injected malicious code which would expose any system to hackers remotely gaining access to that system. To make matters worse, CCleaner does not come with an automatic update capability so remediating these issues requires a toolset which can remotely deploy or patch third-party software. Piriform said that Avast, its new parent company, had uncovered the attacks on Sept. 12, with a new, uncompromised version of CCleaner being released the same day.
Robert Brown, Director of Services for Verismic said, “Your patch management strategy must include both the operating system and any software or third-party updates to be reassured of your environment’s safety. Deploying only Windows updates is not closing the holes used by hackers in the current wave of ever increasing sophisticated hacks.
Syxsense includes both Microsoft, Linux and the most popular third-party vendors so you can be reassured everything is covered.”
What takes 206 days?
Cyberattacks are an increasingly serious risk for organizations, but many executives believe their organization won’t be targeted. They claim their organization is too small to be on the attackers’ radars or that they have nothing worth stealing.
Many cybercriminals are indiscriminate in their attacks and can always find something of interest. However, companies that believe they’re safe may already be penetrated – they just don’t know it yet.
A study found that US companies took an average of 206 days to detect a data breach. This is an increase on the previous year (201 days) where a survey showed 20 percent of employees showed a lack of awareness for safe social media posting, choosing risky actions such as posting on their personal social media accounts. Data breaches are contained sooner if they’re detected by a staff member when conducting routine assessments of potential vulnerabilities within their organization.
“This is why it is important to have a proactive stance when it comes to patch management,” said Brown. “How long will it take before you realize you have been compromised?”
Ransomware is the fastest growing security threat, yet most companies are unprepared to deal with it, says a new study. Companies and government agencies are overwhelmed by frequent, severe attacks, according to the 2017 Ransomware Report commissioned by Cybersecurity Insiders and conducted by Crowd Research. That illustrates why ransomware damages are expected to hit $6,000,000,000 this year.
October Patch Tuesday Release
Microsoft published its monthly security updates on October 10, 2017, addressing 62 vulnerabilities in Windows, Internet Explorer, Edge, and Office. The vulnerabilities could allow an attacker to execute arbitrary code, gain elevated privileges, bypass security protections, view sensitive information, or cause a denial of service. View details of the complete Security Update Guide here.
We have selected the updates to prioritize this month. Our recommendation has been made using evidence from industry experts, anticipated business impact and the independent CVSS score for the vulnerability. The independent CVSS scores used in the table below range from 0 to 10. Vulnerabilities with a base score in the range 7.0-10.0 are High, those in the range 4.0-6.9 are Medium, and 0-3.9 are Low.
|ID||Vulnerability Alert||CVSS Base Score||Recommended|
|CVE-2017-11779||Microsoft Windows DNSAPI Arbitrary Code Execution Vulnerability||9.8||Yes|
|CVE-2017-11786||Microsoft Skype for Business Elevation of Privilege Vulnerability||8.3||Yes|
|CVE-2017-8717||Microsoft Windows JET Database Engine Arbitrary Code Execution Vulnerability||8.1||Yes|
|CVE-2017-8718||Microsoft Windows JET Database Engine Arbitrary Code Execution Vulnerability||8.1||Yes|
|CVE-2017-11771||Microsoft Windows Search Arbitrary Code Execution Vulnerability||8.1||Yes|
|CVE-2017-11781||Microsoft Windows Server Message Block Denial of Service Vulnerability||7.5||Yes|
|CVE-2017-11819||Microsoft Windows Shell Memory Corruption Vulnerability||7.5||Yes|
|CVE-2017-11782||Microsoft Windows Server Message Block Privilege Escalation Vulnerability||7.4||Yes|
|CVE-2017-11783||Microsoft Windows Privilege Escalation Vulnerability||7.4||Yes|
|CVE-2017-11780||Microsoft Windows Server Message Block Arbitrary Code Execution Vulnerability||7.3||Yes|
|CVE-2017-8689||Microsoft Windows Kernel-Mode Driver Privilege Escalation Vulnerability||7||Yes|
|CVE-2017-8694||Microsoft Windows Kernel-Mode Driver Privilege Escalation Vulnerability||7||Yes|
|CVE-2017-11824||Microsoft Windows Graphics Component Privilege Escalation Vulnerability||7||Yes|
|CVE-2017-8703||Microsoft Windows Subsystem for Linux Denial of Service Vulnerability||6.8||Yes|
|CVE-2017-11776||Microsoft Windows Universal Outlook Information Disclosure Vulnerability||6.5||Yes|
|CVE-2017-11815||Microsoft Windows Server Message Block Information Disclosure Vulnerability||6.4|
|CVE-2017-11784||Microsoft Windows Kernel Information Disclosure Vulnerability||6.1|
|CVE-2017-11785||Microsoft Windows Kernel Information Disclosure Vulnerability||6.1|
|CVE-2017-11772||Microsoft Windows Search Service Information Disclosure Vulnerability||5.9|
|CVE-2017-11816||Microsoft Windows Graphics Device Interface+ Information Disclosure Vulnerability||5.7|
|CVE-2017-11829||Microsoft Windows Update Delivery Optimization Privilege Escalation Vulnerability||5.5|
|CVE-2017-11775||Microsoft SharePoint Cross-Site Scripting Vulnerability||5.4|
|CVE-2017-11777||Microsoft SharePoint Cross-Site Scripting Vulnerability||5.4|
|CVE-2017-11820||Microsoft SharePoint Cross-Site Scripting Vulnerability||5.4|
|CVE-2017-8693||Microsoft Windows Graphics Information Disclosure Vulnerability||5.3|
|CVE-2017-8715||Microsoft Windows Device Guard Security Feature Bypass Vulnerability||5.3|
|CVE-2017-11765||Microsoft Windows Kernel Information Disclosure Vulnerability||5.3|
|CVE-2017-11814||Microsoft Windows Kernel Information Disclosure Vulnerability||5.3|
|CVE-2017-11823||Microsoft Windows Device Guard Security Feature Bypass Vulnerability||5.3|
|CVE-2017-11817||Microsoft Windows Kernel Information Disclosure Vulnerability||4.7|
|CVE-2017-11818||Microsoft Windows Storage Security Feature Bypass Vulnerability||4.5|
|CVE-2017-11790||Microsoft Internet Explorer Information Disclosure Vulnerability||4.3|
|CVE-2017-11794||Microsoft Edge Information Disclosure Vulnerability||4.3|
|CVE-2017-8726||Microsoft Edge Scripting Engine Memory Corruption Vulnerability||4.2|
|CVE-2017-8727||Microsoft Windows Shell Memory Corruption Vulnerability||4.2|
|CVE-2017-11762||Microsoft Windows Graphics Arbitrary Code Execution Vulnerability||4.2|
|CVE-2017-11763||Microsoft Windows Graphics Arbitrary Code Execution Vulnerability||4.2|
|CVE-2017-11769||Microsoft Windows TRIE Arbitrary Code Execution Vulnerability||4.2|
|CVE-2017-11774||Microsoft Outlook Security Feature Bypass Vulnerability||4.2|
|CVE-2017-11792||Microsoft Edge Scripting Engine Memory Corruption Vulnerability||4.2|
|CVE-2017-11793||Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability||4.2|
|CVE-2017-11796||Microsoft Edge Scripting Engine Memory Corruption Vulnerability||4.2|
|CVE-2017-11797||Microsoft ChakraCore Memory Corruption Vulnerability||4.2|
|CVE-2017-11798||Microsoft Edge Scripting Engine Memory Corruption Vulnerability||4.2|
|CVE-2017-11799||Microsoft Edge Scripting Engine Memory Corruption Vulnerability||4.2|
|CVE-2017-11800||Microsoft Edge Scripting Engine Memory Corruption Vulnerability||4.2|
|CVE-2017-11801||Microsoft ChakraCore Memory Corruption Vulnerability||4.2|
|CVE-2017-11802||Microsoft Edge Scripting Engine Memory Corruption Vulnerability||4.2|
|CVE-2017-11804||Microsoft Edge Scripting Engine Memory Corruption Vulnerability||4.2|
|CVE-2017-11805||Microsoft Edge Scripting Engine Memory Corruption Vulnerability||4.2|
|CVE-2017-11806||Microsoft Edge Scripting Engine Memory Corruption Vulnerability||4.2|
|CVE-2017-11807||Microsoft Edge Scripting Engine Memory Corruption Vulnerability||4.2|
|CVE-2017-11808||Microsoft Edge Scripting Engine Memory Corruption Vulnerability||4.2|
|CVE-2017-11809||Microsoft Edge and Internet Explorer Memory Corruption Vulnerability||4.2|
|CVE-2017-11810||Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability||4.2|
|CVE-2017-11811||Microsoft Edge Scripting Engine Memory Corruption Vulnerability||4.2|
|CVE-2017-11812||Microsoft Edge Scripting Engine Memory Corruption Vulnerability||4.2|
|CVE-2017-11813||Microsoft Internet Explorer Memory Corruption Vulnerability||4.2|
|CVE-2017-11821||Microsoft Edge Scripting Engine Memory Corruption Vulnerability||4.2|
|CVE-2017-11822||Microsoft Internet Explorer Memory Corruption Vulnerability||4.2|
|CVE-2017-11825||Microsoft Office Memory Corruption Vulnerability||4.2|
|CVE-2017-11826||Microsoft Office Memory Corruption Vulnerability||4.2|